root access with runlevel 1

meine · #1 28th April 2012, 11:10 AM

hi,

this morning my F15 64bit box hangs on boot. to work on it on runlevel=1 I hit the spacebar at boot to add a "1" at the end of the kernel line.

surprisingly thet box booted and instantly gave root access without asking for a password!

bug or feature?

TIA, meine

jpollard · #2 28th April 2012, 12:00 PM

fairly normal.

meine · #3 28th April 2012, 12:47 PM

Quote:

Originally Posted by jpollard

fairly normal.

TNX

it means that anyone setting runlevel to 1 can have root access. nice workaround when AFU but not very secure...

jpollard · #4 28th April 2012, 01:31 PM

It also means root for anyone booting a CD...

As long as there is no password on the BIOS and none on GRUB, you can always bypass the password for root.

With a password on grub, you prevent editing the kernel boot...
With a password on the BIOS, you prevent changing the boot order or allowing a boot CD/USB device.

***Gareth Jones*** · #5 28th April 2012, 03:05 PM

Indeed, if you want anything resembling true security against people with physical access to the machine, you need to lock-down everything from BIOS/UEFI onwards, and encrypt your file-systems whilst you're at it if you store anything private.

There should be information on the Internet about locking-down publicly-accessible machines. Search for "kiosk" mode etc.